 /// <summary>
 /// Convenience overload that accepts the allowed roles as a single comma-separated string
 /// and forwards to the array overload.
 /// </summary>
 /// <param name="c">Controller handling the current request.</param>
 /// <param name="validRole">Comma-separated role names, e.g. "Admin,Editor". Null or empty is
 /// forwarded as an empty array, which the array overload accepts for any authenticated caller
 /// (no role restriction). Entries are not trimmed here; the array overload trims each one.</param>
 /// <param name="parameters">Call parameters recorded on the resulting <see cref="ApiCall"/>.</param>
 /// <param name="method">Name of the calling API method; filled in by the compiler.</param>
 /// <returns>The <see cref="ApiAuth.Result"/> produced by the array overload.</returns>
 public static ApiAuth.Result IsApiAuth(Controllers.GenericAuthController c, string validRole = null, IEnumerable <ApiCall.CallParameter> parameters = null, [CallerMemberName] string method = "")
 {
     string[] roles = string.IsNullOrEmpty(validRole)
         ? new string[0]
         : validRole.Split(',');

     return IsApiAuth(c, roles, parameters, method);
 }
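        /// <summary>
        /// Reports whether the current principal is "limited", i.e. holds none of the roles
        /// that lift the limitation.
        /// </summary>
        /// <param name="c">Controller handling the current request.</param>
        /// <param name="validRoles">Roles that lift the limitation. Null (but not empty) falls back to
        /// <c>defaultRolesWithoutLimitation</c>; each entry is trimmed before the role check.</param>
        /// <returns>
        /// <c>true</c> when nobody is authenticated, or when the authenticated user holds none of the
        /// roles; <c>false</c> when the user holds at least one of them. An empty role list means no
        /// authenticated user is limited — callers restricting access should pass a non-empty list.
        /// </returns>
        public static bool IsLimited(Controllers.GenericAuthController c, string[] validRoles = null)
        {
            string[] roles = validRoles ?? defaultRolesWithoutLimitation;

            // Anonymous callers are always limited.
            if (c.User?.Identity?.IsAuthenticated != true)
            {
                return true;
            }

            // No roles configured: nothing to lift, nobody is limited.
            if (roles.Length == 0)
            {
                return false;
            }

            foreach (var role in roles)
            {
                if (c.User.IsInRole(role.Trim()))
                {
                    return false;
                }
            }

            return true;
        }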
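        /// <summary>
        /// Authorises an API call for the current request and produces an <see cref="ApiCall"/>
        /// record describing who made it. Two credential sources are accepted, in this order:
        /// an already-authenticated principal on the controller, or an API auth header resolved
        /// through <c>IsApiAuthHeader</c> to a login that is looked up by e-mail.
        /// </summary>
        /// <param name="c">Controller handling the current request.</param>
        /// <param name="validRoles">Roles allowed to make the call. Null or empty means any
        /// authenticated caller is valid (no role restriction); otherwise the caller must hold at
        /// least one of the roles, each compared after trimming.</param>
        /// <param name="parameters">Call parameters recorded on the resulting <see cref="ApiCall"/>.</param>
        /// <param name="method">Name of the calling API method; filled in by the compiler and used as
        /// both <c>Id</c> and <c>Method</c> of the record.</param>
        /// <returns>
        /// <c>ApiAuth.Result.Valid</c> when the caller is authenticated and passes the role check,
        /// otherwise <c>ApiAuth.Result.Invalid</c>. The record carries the caller's IP in every case,
        /// and user id / name when the caller could be resolved.
        /// </returns>
        public static ApiAuth.Result IsApiAuth(Controllers.GenericAuthController c, string[] validRoles, IEnumerable <ApiCall.CallParameter> parameters = null, [CallerMemberName] string method = "")
        {
            var usrmgr = HttpContext.Current.GetOwinContext().GetUserManager <ApplicationUserManager>();
            string ip = c.Request.UserHostAddress;

            if (c.User?.Identity?.IsAuthenticated == true)
            {
                // The principal's Name is used as the e-mail key; the lookup may return null
                // (e.g. a principal whose name is not an e-mail address).
                Microsoft.AspNet.Identity.EntityFramework.IdentityUser user = usrmgr.FindByEmail(c.User.Identity.Name);
                ApiCall call = NewApiCall(ip, user?.Id, c.User.Identity.Name, method, parameters);

                // NOTE(review): when the lookup returns null the call is still authorised on the
                // principal's roles and recorded with a null UserId — confirm this is intended.
                bool allowed = HoldsAnyRole(validRoles, role => c.User.IsInRole(role));
                return allowed ? ApiAuth.Result.Valid(call) : ApiAuth.Result.Invalid(call);
            }

            string login;
            if (IsApiAuthHeader(c.HttpContext.Request, out login))
            {
                // Header-based credentials: the login must resolve to a known user, and role
                // membership is checked through the user manager rather than the principal.
                Microsoft.AspNet.Identity.EntityFramework.IdentityUser user = usrmgr.FindByEmail(login);
                if (user == null)
                {
                    return ApiAuth.Result.Invalid(NewApiCall(ip, null, null, method, parameters));
                }

                ApiCall call = NewApiCall(ip, user.Id, user.Email, method, parameters);
                bool allowed = HoldsAnyRole(validRoles, role => usrmgr.IsInRole(user.Id, role));
                return allowed ? ApiAuth.Result.Valid(call) : ApiAuth.Result.Invalid(call);
            }

            // No usable credentials at all: record the IP only.
            return ApiAuth.Result.Invalid(NewApiCall(ip, null, null, method, parameters));
        }

        /// <summary>
        /// Applies the role rule shared by both credential paths: a null or empty list imposes no
        /// restriction; otherwise at least one (trimmed) role must satisfy <paramref name="isInRole"/>.
        /// </summary>
        /// <param name="validRoles">Roles allowed to make the call, or null.</param>
        /// <param name="isInRole">Membership test for a single trimmed role name.</param>
        /// <returns><c>true</c> when the caller passes the role rule.</returns>
        private static bool HoldsAnyRole(string[] validRoles, System.Func<string, bool> isInRole)
        {
            if (validRoles == null || validRoles.Length == 0)
            {
                return true;
            }

            foreach (var role in validRoles)
            {
                if (isInRole(role.Trim()))
                {
                    return true;
                }
            }

            return false;
        }

        /// <summary>
        /// Builds the <see cref="ApiCall"/> record attached to every result; <paramref name="method"/>
        /// is stored as both <c>Id</c> and <c>Method</c>.
        /// </summary>
        /// <param name="ip">Remote address of the request.</param>
        /// <param name="userId">Resolved user id, or null when unknown.</param>
        /// <param name="user">User name or e-mail as recorded for the call, or null when unknown.</param>
        /// <param name="method">Name of the calling API method.</param>
        /// <param name="parameters">Call parameters to record.</param>
        /// <returns>A populated <see cref="ApiCall"/>.</returns>
        private static ApiCall NewApiCall(string ip, string userId, string user, string method, IEnumerable <ApiCall.CallParameter> parameters)
        {
            return new ApiCall()
            {
                IP = ip, UserId = userId, User = user, Id = method, Method = method, Parameters = parameters
            };
        }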